CVE-2018-15773

Dell Encryption (formerly Dell Data Protection | Encryption) v10.1.0 and earlier contain an information disclosure vulnerability. A malicious user with physical access to the machine could potentially exploit this vulnerability to access the unencrypted RegBack folder that contains back-ups of sensitive system files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
PHYSICAL
LOW
LOW
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
dellCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
VendorProductVersion
delldata_protection_\|_encryption
𝑥
≤ 10.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.dell.com/support/article/us/en/04/sln314963/dell-encryption-enterprise-dell-data-protection-encryption-information-disclosure-vulnerability?lang=en
https://www.dell.com/support/article/us/en/04/sln314963/dell-encryption-enterprise-dell-data-protection-encryption-information-disclosure-vulnerability?lang=en